Why automation is key for the future of cyber security

Peter Woollacott: ‘analysts come on board to solve problems, the surgeon comes on board to cut, not to push the patient from the ward into the theatre and wash them down’.

Cyber security is all about speed – finding and dealing with a threat or vulnerability as quickly as possible. The damage that can be wrought in minutes, let alone days and weeks, could prove devastating to any business, no matter the size or industry.

However this need for speed is not being seen in practice, with many reports putting data breach discovery taking upwards of 200 days. However, Peter Woollacott, Huntsman Security CEO, has a cure for the lag in cyber security – automation.

At the moment, Woollacott argues, analysts are weighed down with basic tasks, drowning under the weight of less-important tasks – all the while the more serious threats go unresolved and are left free to wreak havoc.

Peter Woollacott, CEO Huntsman

‘If they are manually trying to manage all of this information that they are being bombarded with and reach conclusions, while all of the information is coming in at machine speed, they are always under water,’ the Huntsman CEO told CBR.

Some may be quick to argue that the solution is the hiring of more skilled staff to handle the massive amounts of data being thrown at analytics, a fact which Woollacott disregards, simply because ‘there aren’t any more analysts out there.’

Automation, argues the CEO, will leave the analysts free to do the important work, the work where they will make the most positive impact for the business. Using the analogy that ‘analysts come on board to solve problems, the surgeon comes on board to cut, not to push the patient from the ward into the theatre and wash them down,’ the CEO argued that it is imperative that automation is deployed to cut the shackles of the most skilled staff.

‘More data is coming with IoT, so technologies that can close that decision loop are really going to help. You are not going to replace analysts, but it is really going to free up time for them to actually do some analytical work, and have machines do some of the lesser things, while they focus on the crown jewels type problems’.

Hitting his point home, Woollacott conjured up two images – one at the turn of the century, of a man building a Morgan car by hand, with the other a present day Toyota factory in Japan. The Toyota factory, with automation on side, was able to match the lifetime output of cars achieved by the turn of the century car builder in mere minutes.

‘We are up to the point of industrialising cybersecurity and that’s really what automation is going to do. It is going to automate processes that are currently done by hand’.

Showing confidence in the abilities of automation, Woollacott said: ‘By introducing a level of automation to a process you are delivering a known, measured repeatable process. Once you are satisfied the automation works, you are going to have a much higher quality outcome’.

‘To manage a group of people who are all doing things differently makes it difficult to know exactly what you are doing at any one point’ the CEO told CBR. Automation, Woollacott countered, would not only save analysts vital time and enable their skills to be utilised elsewhere, but it would eliminate human error, further improving efficiency.

Woollacott’s sentiments highlight a little talked about topic in the much talked about Fourth Industrial Revolution – that of cyber security. As is seen in other industries, the Fourth Industrial Revolution looks to transform cyber security processes through automation and smart tech like machine learning. We are, as Woollacott argues, on the cusp of the industrialisation of cyber security.